1 Practical byzantine fault tolerance and proactive recovery
Miguel Castro, Barbara Liskov

November 2002 ACM Transactions on Computer Systems (TOCS), Volume 20 issue 4
Publisher: ACM Press 


Our growing reliance on online services accessible on the Internet demands highly 
available systems that provide correct service without interruptions. Software bugs, 
operator mistakes, and malicious attacks are a major cause of service interruptions and 
they can cause arbitrary behavior, that is, Byzantine faults. This article describes a new 
replication algorithm, BFT, that can be used to build highly available systems that tolerate 
Byzantine faults. BFT can be used in practice to implement re ... 

Keywords: Byzantine fault tolerance, asynchronous systems, proactive recovery, state 
machine replication, state transfer 



Role-based access control on the web 
Joon S. Park, Ravi Sandhu, Gail-Joon Ahn 

February 2001 ACM Transactions on Information and System Security (TISSEC), Volume 4 Issue 1

Publisher: ACM Press 




Current approaches to access control on the Web servers do not scale to enterprise-wide 
systems because they are mostly based on individual user identities. Hence we were 
motivated by the need to manage and enforce the strong and efficient RBAC access 
control technology in large-scale Web environments. To satisfy this requirement, we 
identify two different architectures for RBAC on the Web, called user-pull and server-pull. 
To demonstrate feasibility, we im ... 



Keywords: WWW security, cookies, digital certificates, role-based access control 
Use of nested certificates for efficient, dynamic, and trust preserving public key
infrastructure 

Albert Levi, M. Ufuk Caglayan, Cetin K. Koc 

February 2004 ACM Transactions on Information and System Security (TISSEC), Volume 7 Issue 1

Publisher: ACM Press 


Certification is a common mechanism for authentic public key distribution. In order to 
obtain a public key, verifiers need to extract a certificate path from a network of 
certificates, which is called public key infrastructure (PKI), and verify the certificates on 
this path recursively. This is classical methodology. Nested certification is a novel 
methodology for efficient certificate path verification. Basic idea is to issue special 
certificates (called nested certificates) for other certifica ... 

Keywords: Digital certificates, key management, nested certificates, public key 
infrastructure 



A security„arch^ 

Michael K. Reiter, Kenneth P. Birman, Robbert van Renesse 

November 1994 ACM Transactions on Computer Systems (TOCS), volume 12 issue 4 
Publisher: ACM Press 


Process groups are a common abstraction for fault-tolerant computing in distributed 
systems. We present a security architecture that extends the process group into a 
security abstraction. Integral parts of this architecture are services that securely and fault 
tolerantly support cryptographic key distribution. Using replication only when necessary, 
and introducing novel replication techniques when it was necessary, we have constructed 
these services both to be easily defensible against atta ... 

Keywords: key distribution, multicast, process groups 



5 A secure and^ 
Pino Persiano, Ivan Visconti

November 2003 ACM Transactions on Information and System Security (TISSEC), Volume 6 Issue 4

Publisher: ACM Press 


In this paper we study privacy issues regarding the use of the SSL/TLS protocol and 
X.509 certificates. Our main attention is placed on subscription-based remote services 
(e.g., subscription to newspapers and databases) where the service manager charges a 
flat fee for a period of time independent of the actual number of times the service is 
requested. We start by pointing out that restricting the access to such services by using
X.509 certificates and the SSL/TLS protocol, while preserving the in ... 

Keywords: Access control, anonymity, cryptographic algorithms and protocols, privacy, 
world-wide web 
April 2003 ACM SIGCOMM Computer Communication Review, Volume 33 issue 2
Publisher: ACM Press 


Cryptographic certificates are a powerful tool for security concerned applications where 
the participants must be authenticated in order to access some resources or commit a 
transaction. However, due to various reasons, the validity of such certificates can change 
over time, introducing the risk of an invalid certificate being used to authenticate an 
entity. Various methods of mitigating this risk have been devised, known broadly as 
"certificate revocation" schemes. In this paper, we cate ... 

CerMcat^ 

Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai 

November 2003 ACM Transactions on Information and System Security (TISSEC), Volume 6 Issue 4

Publisher: ACM Press 


The major emphasis of public key infrastructure has been to provide a cryptographically 
secure means of authenticating identities. However, procedures for authorizing the 
holders of these identities to perform specific actions still need additional research and 
development. While there are a number of proposed standards for authorization 
structures and protocols such as KeyNote, SPKI, and SAML based on X.509 or other key- 
based identities, none have been widely adopted. As part of an effort to us ... 

Keywords: Public key infrastructure, XML, digital certificates 



A secure infrastructure for service discovery and access in pervasive computing 
Jeffrey Undercoffer, Filip Perich, Andrej Cedilnik, Lalana Kagal, Anupam Joshi 
April 2003 Mobile Networks and Applications, volume 8 issue 2
Publisher: Kluwer Academic Publishers 


Security is paramount to the success of pervasive computing environments. The system 
presented in this paper provides a communications and security infrastructure that goes 
far in advancing the goal of anywhere-anytime computing. Our work securely enables 
clients to access and utilize services in heterogeneous networks. We provide a service 
registration and discovery mechanism implemented through a hierarchy of service 
management. The system is built upon a simplified Public Key Infrastructure t ... 

Keywords: distributed services, extensible markup language, pervasive computing, 
security, smartcards 



HowJo.securely„rep^ 

Michael K. Reiter, Kenneth P. Birman 

May 1994 ACM Transactions on Programming Languages and Systems (TOPLAS), Volume 16 Issue 3

Publisher: ACM Press 


We present a method for constructing replicated services that retain their availability and 
integrity despite several servers and clients being corrupted by an intruder, in addition to 
others failing benignly. We also address the issue of maintaining a causal order among 
client requests. We illustrate a security breach resulting from an intruder's ability to effect
a violation of causality in the sequence of requests processed by the service and propose 
an approach to counter this attack. A ... 

Keywords: causality, replication, state machines, threshold cryptography 



1 0 S ecu re .aroup„com m 

Chung Kei Wong, Mohamed Gouda, Simon S. Lam 

February 2000 IEEE/ACM Transactions on Networking (TON), volume 8 issue 1
Publisher: IEEE Press 




Keywords: confidentiality, group communications, group key management, key 
distribution, multicast, privacy, rekeying, security 



11 Sjomejac^ 
Jorg Rothe

December 2002 ACM Computing Surveys (CSUR), volume 34 issue 4 
Publisher: ACM Press 


In this tutorial, selected topics of cryptology and of computational complexity theory are 
presented. We give a brief overview of the history and the foundations of classical 
cryptography, and then move on to modern public-key cryptography. Particular attention 
is paid to cryptographic protocols and the problem of constructing key components of 
protocols such as one-way functions. A function is one-way if it is easy to compute, but 
hard to invert. We discuss the notion of one-way functions both ... 

Keywords: Complexity theory, interactive proof systems, one-way functions, public-key 
cryptography, zero-knowledge protocols 



1 2 Authent icajj.on j n„ihe 

Edward Wobber, Martin Abadi, Michael Burrows, Butler Lampson 

February 1994 ACM Transactions on Computer Systems (TOCS), volume 12 issue 1 

Publisher: ACM Press 


We describe a design for security in a distributed system and its implementation. In our 
design, applications gain access to security services through a narrow interface. This 
interface provides a notion of identity that includes simple principals, groups, roles, and 
delegations. A new operating system component manages principals, credentials, and 
secure channels. It checks credentials according to the formal rules of a logic of 
authentication. Our implementation is efficient enough to sup ... 

Keywords: cryptography, mathematical logic 
services

Jian Yin, Jean-Philippe Martin, Arun Venkataramani, Lorenzo Alvisi, Mike Dahlin 

October 2003 Proceedings of the nineteenth ACM symposium on Operating systems principles
Publisher: ACM Press 


We describe a new architecture for Byzantine fault tolerant state machine replication that 
separates agreement that orders requests from execution that processes requests. This 
separation yields two fundamental and practically significant advantages over previous 
architectures. First, it reduces replication costs because the new architecture can tolerate 
faults in up to half of the state machine replicas that execute requests. Previous systems 
can tolerate faults in at most a third ... 

Keywords: byzantine fault tolerance, confidentially, reliability, security, state machine 
replication, trustworthy systems 



14 Attribute certif^^^ Q 
in distributed environments
John Linn, Magnus Nystrom

October 1999 Proceedings of the fourth ACM workshop on Role-based access control 

Publisher: ACM Press 




15 ESexLble. control. of downloMe^ 

Trent Jaeger, Atul Prakash, Jochen Liedtke, Nayeem Islam 

May 1999 ACM Transactions on Information and System Security (TISSEC), volume 2 Issue 2

Publisher: ACM Press 


We present a security architecture that enables system and application access control
requirements to be enforced on applications composed from downloaded executable 
content. Downloaded executable content consists of messages downloaded from remote 
hosts that contain executables that run, upon receipt, on the downloading principal's 
machine. Unless restricted, this content can perform malicious actions, including 
accessing its downloading principal's private data and sending messages on th ... 

Keywords: access control models, authentication, authorization mechanisms, collaborative
systems, role-based access control 



16 SPV: secure path vector routing for securing BGP 

Yih-Chun Hu, Adrian Perrig, Marvin Sirbu 
August 2004 ACM SIGCOMM Computer Communication Review, Proceedings of the
2004 conference on Applications, technologies, architectures, and 
protocols for computer communications SIGCOMM '04, Volume 34 issue 4 
Publisher: ACM Press 


As our economy and critical infrastructure increasingly relies on the Internet, the 
insecurity of the underlying border gateway routing protocol (BGP) stands out as the 
Achilles heel. Recent misconfigurations and attacks have demonstrated the brittleness of 
BGP. Securing BGP has become a priority. In this paper, we focus on a viable deployment
path to secure BGP. We analyze security requirements, and consider tradeoffs of 
mechanisms that achieve the requirements. In particular, we study how to se ... 

Keywords: BGP, Border Gateway Protocol, interdomain routing, routing, security 



17 AR£CAia.h]gN Q 
Jiwu Jing, Peng Liu, Dengguo Feng, Ji Xiang, Neng Gao, Jingqiang Lin
October 2003 Proceedings of the 2003 ACM workshop on Survivable and self-
regenerative systems: in association with 10th ACM Conference on
Computer and Communications Security 
Publisher: ACM Press 


Certification Authorities (CA) are a critical component of a PKI. All the certificates issued 
by a CA will become invalid when the (signing) private key of the CA is compromised. 
Hence it is a very important issue to protect the private key of an online CA. ARECA 
systems, built on top of threshold cryptography, ensure the security of a CA through a 
series of defense-in-depth protections. ARECA systems won't be compromised when a few 
system components are compromised or some system administrat ... 

Keywords: CA, RSA, attack resilience, digital signature, intrusion tolerance 



18 General storage protection techniques: Securing distributed storage: challenges, techniques, and systems
Vishal Kher, Yongdae Kim

November 2005 Proceedings of the 2005 ACM workshop on Storage security and 
survivability StorageSS '05 

Publisher: ACM Press 


The rapid increase of sensitive data and the growing number of government regulations 
that require longterm data retention and protection have forced enterprises to pay serious 
attention to storage security. In this paper, we discuss important security issues related 
to storage and present a comprehensive survey of the security services provided by the 
existing storage systems. We cover a broad range of the storage security literature, 
present a critical review of the existing solutions, compare ... 

Keywords: authorization, confidentiality, integrity, intrusion detection, privacy 



1 9 Revoka^ Q 
Markus Jakobsson, Moti Yung

January 1996 Proceedings of the 3rd ACM conference on Computer and
communications security 
Publisher: ACM Press 




20 Password Management and Digital Signatures: The BiBa one-time signature and 

broads
Adrian Perrig

November 2001 Proceedings of the 8th ACM conference on Computer and 
Communications Security 
Publisher: ACM Press


We introduce the BiBa signature scheme, a new signature construction that uses one-way 
functions without trapdoors. BiBa features a low verification overhead and a relatively 
small signature size. In comparison to other one-way function based signature schemes, 
BiBa has smaller signatures and is at least twice as fast to verify (which probably makes it 
one of the fastest signature schemes to date for verification). On the downside, the BiBa
public key is large, and the signature generation ... 

Keywords: broadcast authentication, one-time signature, signature based on a one-way 
function without trapdoor, source authentication for multicast 